Your Period Tracker Is Leaking Your Data—And That's a Market Opportunity

Commentary on Hacker News (Best)

You download a period tracker. You input the most intimate details of your body—ovulation dates, pregnancy tests, miscarriage symptoms. You trust the app with data that could be used against you by employers, insurers, or prosecutors. Then you find out that app has been feeding that data to Facebook the whole time.

That's not a hypothetical. That's Flo Health, the period tracking app with over 100 million users, caught red-handed sharing menstrual cycle data, pregnancy status, and ovulation dates with Meta via its SDK. The FTC fined them. A class-action lawsuit followed. But here's the thing: Flo isn't an anomaly.

Our data tracks 47 distinct problems in the health data privacy category, with an average severity score of 4.2 out of 5. Twelve of those problems specifically involve reproductive health apps sharing sensitive data with third parties without explicit consent. The Flo case isn't a one-off—it's the canary in the coal mine.

And every canary means a market opportunity.

The original article on Hacker News (by campuscodi via FemTech Design Desk) does a solid job recounting the Flo saga—the $500,000 FTC settlement, the SDK tracking, the 100 million users exposed. But here's what it misses: the scale of the underlying problem and the explosive demand for solutions.

We track 8 app ideas aimed at privacy-first menstrual tracking, and their average user pain score is 4.5 out of 5. User engagement with these ideas has jumped 120% year-over-year. That's not a niche—that's a signal. Women are desperate for apps that keep data on-device, use on-device AI for predictions, and encrypt everything end-to-end.

Think about what that means for a builder. The incumbents—Flo, Clue, Glow—are now radioactive from a trust perspective. Meanwhile, the smartphone hardware is there: modern phones have enough compute to run on-device models for cycle prediction, symptom analysis, and fertility tracking without ever touching a cloud server. The tech stack exists. The trust gap is wide open.

This isn't just about periods either. The same dynamics apply to all health tracking—sleep, heart rate, mental health, medication reminders. Users are waking up to the fact that "free" apps monetize their most sensitive data. The moment an app asks for a health permission, the user should know: is this data staying on my device or going to a data broker?

For indie hackers and vibe coders, this is a greenfield. You don't need a medical degree—you need solid security practices, a focus on user experience, and a clear—actually clear—privacy policy. No legalese. No "we may share data with third parties." Just: "Everything stays on your phone. Period."

The FTC settlement against Flo required them to notify users and pay a reduced fine, but the damage to their reputation is done. Users are voting with their downloads, and the data shows a mass exodus toward anything that promises privacy. Build a simple, beautiful, on-device tracker and you don't have to compete with Flo on features; you just have to not sell your users' data.

That's a low bar that most of the market still can't clear. Our opportunity index for privacy-first health apps ranks this as one of the highest-urgency, lowest-competition spaces we track. The incumbents have been caught. The users are looking. The tech is ready. All that's missing is the build.

So if you're a developer wondering what to build next, look at your own phone. Look at the period tracker you don't have installed yet. Then build one that doesn't sell your secrets.

This article is commentary on the original article by campuscodi at Hacker News (Best). We encourage you to read the original.
